Cisco Devices Vulnerable to Denial of Service Attacks

Bad things came in threes for Cisco security users this week, as the vendor announced vulnerabilities in three of its security hardware products that could lead to denial-of-service (DoS) attacks on the devices. Meanwhile, a fourth vulnerability in Cisco’s IOS-based intrusion-prevention software could allow attackers to evade detection when going after the aforementioned security gear.

Cisco’s widely used standalone PIX Firewall, Firewall Services Module (FWSM) for switches and routers, and Adaptive Security Appliance (ASA) are vulnerable to receiving a wide variety of doctored packets, which could result in a DoS attack on the products. Additionally, Cisco’s IOS-based Intrusion Prevention System (IPS) feature has a flaw that could allow hackers to chop up the malicious packets to evade IPS detection when attacking a Cisco PIX, ASA or other network devices. Cisco Devices Vulnerable to Denial-of-Service Attacks - Security Feed - News - CSO Magazine